Saturday, January 23, 2021

Public ICS Disclosures – Week of 1-16-21

This week we have six vendor disclosures from ABB, Bosch, Belden, WEIDMUELLER, PulseSecure, and Siemens. We have two vendor reports on products from Sela.

ABB Advisory

ABB published an advisory describing an unauthenticated crafted packet vulnerability in their AC500 V2 PLCs. The vulnerability was reported by Yossi Reuven of SCADAfence. ABB has a new firmware version that mitigates the vulnerability. There is no indication that Reuven was provided an opportunity to verify the efficacy of the fix.

Bosch Advisory

Bosch published an advisory describing two vulnerabilities in their Bosch Fire Monitoring System. The vulnerabilities are self-reported. Bosch has a patch that mitigates the vulnerabilities.

The two reported vulnerabilities are:

• Use of hard-coded credentials - CVE-2020-6779, and

• Use of password hash with insufficient computational effort - CVE-2020-6780

Belden Advisory

Belden published an advisory describing a firewall bypass vulnerability in their WLAN (HiCLOS) products. The vulnerability is self-reported. Belden has updates available that mitigate the vulnerability.

WEIDMUELLER Advisory

CERT-VDE published an advisory discussing the fdtCONTAINER vulnerability in the WEIDMUELLER WI Manager. WEIDMUELLER continues to work on mitigation measures for this vulnerability.

PulseSecure Advisory

PulseSecure published an advisory discussing a third-party (OpenSSL) null pointer dereference vulnerability in their products. They can report that their Pulse Secure vADC is not affected, but they are still looking at other products.

Siemens Advisory

Siemens published an out-of-zone advisory discussing the DNSpooq vulnerabilities in their SCALANCE and RUGGEDCOM Devices. Siemens has provided generic workarounds to mitigate the vulnerabilities pending further development efforts.

Selea Reports

Zero Science Labs has published a report describing a cross-site scripting vulnerability in the Selea CarPlateServer. Zero Science reports coordinating with Selea but is unaware of any mitigation measures developed by the company. LiquidWorm has published an exploit for this vulnerability.

 

Zero Science Labs has published a report describing a privilege escalation vulnerability in the Selea CarPlateServer. Zero Science reports coordinating with Selea but is unaware of any mitigation measures developed by the company. LiquidWorm has published an exploit for this vulnerability.

No comments:

 
/* Use this with templates/template-twocol.html */